Allow customization of keys_only & paranoid SSH
This adds two new SSH configuration options: - `keys_only` - `paranoid` These values were previously hard-coded, but can now be user-specified. Fixes GH-4275
This commit is contained in:
parent
791ad7ac8e
commit
d44fcf2d52
|
@ -434,6 +434,8 @@ module Vagrant
|
||||||
info[:host] ||= @config.ssh.default.host
|
info[:host] ||= @config.ssh.default.host
|
||||||
info[:port] ||= @config.ssh.default.port
|
info[:port] ||= @config.ssh.default.port
|
||||||
info[:private_key_path] ||= @config.ssh.default.private_key_path
|
info[:private_key_path] ||= @config.ssh.default.private_key_path
|
||||||
|
info[:keys_only] ||= @config.ssh.default.keys_only
|
||||||
|
info[:paranoid] ||= @config.ssh.default.paranoid
|
||||||
info[:username] ||= @config.ssh.default.username
|
info[:username] ||= @config.ssh.default.username
|
||||||
|
|
||||||
# We set overrides if they are set. These take precedence over
|
# We set overrides if they are set. These take precedence over
|
||||||
|
|
|
@ -335,8 +335,8 @@ module VagrantPlugins
|
||||||
forward_agent: ssh_info[:forward_agent],
|
forward_agent: ssh_info[:forward_agent],
|
||||||
send_env: ssh_info[:forward_env],
|
send_env: ssh_info[:forward_env],
|
||||||
keys: ssh_info[:private_key_path],
|
keys: ssh_info[:private_key_path],
|
||||||
keys_only: true,
|
keys_only: ssh_info[:keys_only],
|
||||||
paranoid: false,
|
paranoid: ssh_info[:paranoid],
|
||||||
password: ssh_info[:password],
|
password: ssh_info[:password],
|
||||||
port: ssh_info[:port],
|
port: ssh_info[:port],
|
||||||
timeout: 15,
|
timeout: 15,
|
||||||
|
|
|
@ -7,6 +7,8 @@ module VagrantPlugins
|
||||||
attr_accessor :username
|
attr_accessor :username
|
||||||
attr_accessor :password
|
attr_accessor :password
|
||||||
attr_accessor :insert_key
|
attr_accessor :insert_key
|
||||||
|
attr_accessor :keys_only
|
||||||
|
attr_accessor :paranoid
|
||||||
|
|
||||||
def initialize
|
def initialize
|
||||||
@host = UNSET_VALUE
|
@host = UNSET_VALUE
|
||||||
|
@ -15,6 +17,8 @@ module VagrantPlugins
|
||||||
@username = UNSET_VALUE
|
@username = UNSET_VALUE
|
||||||
@password = UNSET_VALUE
|
@password = UNSET_VALUE
|
||||||
@insert_key = UNSET_VALUE
|
@insert_key = UNSET_VALUE
|
||||||
|
@keys_only = UNSET_VALUE
|
||||||
|
@paranoid = UNSET_VALUE
|
||||||
end
|
end
|
||||||
|
|
||||||
def finalize!
|
def finalize!
|
||||||
|
@ -24,6 +28,8 @@ module VagrantPlugins
|
||||||
@username = nil if @username == UNSET_VALUE
|
@username = nil if @username == UNSET_VALUE
|
||||||
@password = nil if @password == UNSET_VALUE
|
@password = nil if @password == UNSET_VALUE
|
||||||
@insert_key = true if @insert_key == UNSET_VALUE
|
@insert_key = true if @insert_key == UNSET_VALUE
|
||||||
|
@keys_only = true if @keys_only == UNSET_VALUE
|
||||||
|
@paranoid = false if @paranoid == UNSET_VALUE
|
||||||
|
|
||||||
if @private_key_path && !@private_key_path.is_a?(Array)
|
if @private_key_path && !@private_key_path.is_a?(Array)
|
||||||
@private_key_path = [@private_key_path]
|
@private_key_path = [@private_key_path]
|
||||||
|
|
|
@ -62,6 +62,16 @@ the machine, but replace it with perhaps a more secure key later.
|
||||||
|
|
||||||
<hr>
|
<hr>
|
||||||
|
|
||||||
|
`config.ssh.keys_only` - Only use Vagrant-provided SSH private keys (do not use
|
||||||
|
any keys stored in ssh-agent). The default value is `true`.`
|
||||||
|
|
||||||
|
<hr>
|
||||||
|
|
||||||
|
`config.ssh.paranoid` - Perform strict host-key verification. The default value
|
||||||
|
is `true`.
|
||||||
|
|
||||||
|
<hr>
|
||||||
|
|
||||||
`config.ssh.forward_agent` - If `true`, agent forwarding over SSH
|
`config.ssh.forward_agent` - If `true`, agent forwarding over SSH
|
||||||
connections is enabled. Defaults to false.
|
connections is enabled. Defaults to false.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue